Quervar – Induc.C reincarnate

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

Quervar – Induc.C reincarnate
Botnet Dorifel
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / August 21, 2012
Editor/Conference Eset
Link http://blog.eset.com/2012/08/21/quervar-induc-c-reincarnate blog.eset.com (blog.eset.com Archive copy)
Author Robert Lipovsky
Type

Abstract

Win32/Quervar (a.k.a Dorifel, XDocCrypt) is a virus family that has been in the news recently, especially in the Netherlands. It has been reported to be causing havoc on computers of several notable Dutch institutions. In our analysis, we provide additional technical details about the workings of the virus and compare it to another virus, the Delphi-infecting Win32/Induc.C, to which it bears a suspiciously strong resemblance.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1114,
   editor = {Eset},
   author = {Robert Lipovsky},
   title = {Quervar – Induc.C reincarnate},
   date = {21},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://blog.eset.com/2012/08/21/quervar-induc-c-reincarnate blog.eset.com}},
 }